Git-Mirrors/DivestOS
1
0
Fork 0
mirror of https://github.com/Divested-Mobile/DivestOS-Build.git synced 2024-07-05 19:11:15 +00:00
Code Issues Packages Projects Releases Wiki Activity
2,311 Commits 1 Branch 0 Tags 89 MiB
2e84510f6f
Commit Graph

141 Commits

Author SHA1 Message Date
Tad
964877bbf6
20.0: September ASB picks 
wget b96ee4a2d1.patch -O telephony-01.patch
wget c16e6e78c1.patch -O media-01.patch
wget d5771450d7.patch -O media-02.patch
wget a1370bd00c.patch -O nn-01.patch
wget ce2776f4ca.patch -O bt-01.patch
wget 585f583ef5.patch -O bt-02.patch
wget c9905e7968.patch -O bt-03.patch
wget c93ec045f5.patch -O bt-04.patch
wget 89fb17d172.patch -O bt-05.patch
wget 14aed2455e.patch -O bt-06.patch
wget cd438ebc52.patch -O bt-07.patch
wget 27e7cdc4e5.patch -O nfc-01.patch
wget dfeb4270b8.patch -O launcher-01.patch
wget b1993f6cec.patch -O native-01.patch
wget df4a9362cd.patch -O fwb-01.patch
wget b55563bb9d.patch -O fwb-02.patch
wget a80971a281.patch -O fwb-03.patch
wget 7e173b4383.patch -O fwb-04.patch
wget 44191b1c6b.patch -O fwb-05.patch
wget 8dc8dfe572.patch -O fwb-06.patch
wget 00a4224100.patch -O av-01.patch
wget 21623d1f43.patch -O settings-01.patch
wget fa5ec443d9.patch -O settings-02.patch
wget ba4da9c7b3.patch -O settings-03.patch

Signed-off-by: Tad <tad@spotco.us>
 2023-09-06 15:42:52 -04:00
Tad
9e954ea987
Restore face unlock for Pixel 4 series 
We keep fingerprint reader blobs, so why not these?

Signed-off-by: Tad <tad@spotco.us>
 2023-09-01 20:51:49 -04:00
Tad
56b71651c5
Tweak 
Signed-off-by: Tad <tad@spotco.us>
 2023-08-30 15:22:00 -04:00
Tad
8acec36989 20.0: eUICC for all 
TODO: move this setting to the cell menu

Signed-off-by: Tad <tad@spotco.us>
 2023-08-30 12:41:30 -04:00
Tad
bf55f7d572
Remove more face unlock blobs and unbreak camera on Pixel 4 series 
Signed-off-by: Tad <tad@spotco.us>
 2023-08-26 18:22:51 -04:00
Tad
fa030fcbf4
Churn 
Signed-off-by: Tad <tad@spotco.us>
 2023-08-24 21:38:33 -04:00
Tad
7835c2b2ae
18.1+: Restrict tile usage when locked, credit @GrapheneOS 
TODO: backport to older branches

Signed-off-by: Tad <tad@spotco.us>
 2023-08-22 17:54:19 -04:00
Tad
8b51c3cd0f
Fixup OpenEUICC inclusion 
Signed-off-by: Tad <tad@spotco.us>
 2023-08-21 20:00:31 -04:00
Tad
d6c3b6c8fa
More eSIM work 
- Add the GrapheneOS package hook mechanism
- Ensure OpenEUICC and EuiccSupportPixel are only enabled in the system user
- Prevent EuiccSupportPixel interactions
- Remove INTERNET permission from EuiccSupportPixel

Signed-off-by: Tad <tad@spotco.us>
 2023-08-21 16:50:51 -04:00
Tad
c070e856b2
eSIM enablement via @PeterCxy's OpenEUICC 
tested working on bluejay

Signed-off-by: Tad <tad@spotco.us>
 2023-08-21 09:25:10 -04:00
Tad
c90920965f
Remove some garbage 
Signed-off-by: Tad <tad@spotco.us>
 2023-08-20 16:11:44 -04:00
Tad
ceec1584a9
Fixup hosts cache thanks to patch from @danielk43 
Closes https://github.com/Divested-Mobile/DivestOS-Build/issues/198

Signed-off-by: Tad <tad@spotco.us>
 2023-08-18 11:17:14 -04:00
Tad
9707326c4f
Churn 
Signed-off-by: Tad <tad@spotco.us>
 2023-08-13 16:16:21 -04:00
Tad
7ef5d9a9c4
Broken EUICC handling 
Signed-off-by: Tad <tad@spotco.us>
 2023-08-05 18:57:32 -04:00
Tad
c8d3354113
Patch from CalyxOS to make AOSP less spyware 
Signed-off-by: Tad <tad@spotco.us>
 2023-07-24 14:35:24 -04:00
Tad
e74f861c8e
Fixes + Churn 
- Fix instances of awk failing on missing globs
- Remove unwanted packages from work/user/managed profiles
- Remove proprietary camera extensions

Signed-off-by: Tad <tad@spotco.us>
 2023-07-24 03:59:51 -04:00
Tad
4bab1c31d7
Churn 
Signed-off-by: Tad <tad@spotco.us>
 2023-07-19 16:05:51 -04:00
Tad
af57c5c857
Tweaks 
Signed-off-by: Tad <tad@spotco.us>
 2023-07-19 04:43:13 -04:00
Tad
aa6bfad801
Various 
- Drop OpenCamera, it doesn't work on lock screens anymore?
- microG on 18.1+:
  - set packages forceQueryable
  - spoof some sources as Play Store
    TODO: backport this to 17.1
- Remove camera extensions
- Churn
- Wording

Signed-off-by: Tad <tad@spotco.us>
 2023-07-15 18:22:07 -04:00
Tad
11c286ecd4
Churn 
Signed-off-by: Tad <tad@spotco.us>
 2023-07-14 17:27:20 -04:00
Tad
b5bb498248
Many tweaks 
- 19.1/20.0: Enable low ram for <6GB devices
- 20.0: support RROs with exec spawning patch from GrapheneOS
- allow work profiles when low ram is enabled
- churn
- cherrypicks

Signed-off-by: Tad <tad@spotco.us>
 2023-07-13 16:40:05 -04:00
Tad
7a53edc390
Churn 
Signed-off-by: Tad <tad@spotco.us>
 2023-07-10 17:11:15 -04:00
Tad
fc01bcba7f
Churn 
Closes https://github.com/Divested-Mobile/DivestOS-Build/issues/222

Signed-off-by: Tad <tad@spotco.us>
 2023-07-09 21:23:25 -04:00
Tad
5bc210f135
Adjust microg config path 
/product can't be used for now
https://github.com/microg/GmsCore/issues/1976

also move the wording around so it can be easier to remove later
after a new release is tagged

Signed-off-by: Tad <tad@spotco.us>
 2023-07-07 13:33:48 -04:00
Tad
492ed24ca2
Fixups 
Signed-off-by: Tad <tad@spotco.us>
 2023-07-06 17:59:25 -04:00
Tad
a96f74ca28
Enable the opt-in unprivileged microG enablement patchset 
Runtime tested: 17.1, 18.1, 20.0
Compile tested: 19.1

Signed-off-by: Tad <tad@spotco.us>
 2023-07-03 21:50:08 -04:00
Tad
b7d37053c3
Further harden signature spoofing with targetSdk and versionCode checks 
- Also fix compile for 17.1, rest should be fine

Signed-off-by: Tad <tad@spotco.us>
 2023-07-03 17:33:34 -04:00
Tad
4282c7c35f
Backports of 0f4044e2 to 17.1/18.1/19.1 
Also don't grant any special location permissions

Signed-off-by: Tad <tad@spotco.us>
 2023-07-03 15:17:56 -04:00
Tad
0f4044e242
20.0: opt-in hardened unprivileged microG ability 
Unlike other systems which ship privileged microG out of the box:
- User must enable microG repo in F-Droid
- User must install official microG apps (GmsCore/FakeStore/GSF)
- User must enable the microG toggle in Settings
- NOT a privileged app, not all features will work
- gmscore SELinux domain is still disabled

Signed-off-by: Tad <tad@spotco.us>
 2023-07-03 13:45:06 -04:00
Tad
dc4d6b0901
Churn 
Signed-off-by: Tad <tad@spotco.us>
 2023-06-20 18:36:31 -04:00
Tad
1e7f10d6b6
20.0: drop June ASB patches 
QPR3 has been merged

Signed-off-by: Tad <tad@spotco.us>
 2023-06-20 16:22:02 -04:00
Tad
e2ca79c607
20.0: add dot.sb DNS preset 
Signed-off-by: Tad <tad@spotco.us>
 2023-06-14 19:42:30 -04:00
Tad
0dde119d7e
20.0 June ASB work + churn 
QPR3 is delayed a week now

Patches pulled from GrapheneOS and checked against CalyxOS

Signed-off-by: Tad <tad@spotco.us>
 2023-06-12 21:06:42 -04:00
Tad
ffe020a7a0
Churn 
Signed-off-by: Tad <tad@spotco.us>
 2023-06-07 18:01:35 -04:00
Tad
11d228c7c3
Switch CensurfriDNS to anycast domain 
Signed-off-by: Tad <tad@spotco.us>
 2023-06-05 15:47:21 -04:00
Tad
e696cceac9
20.0 Private DNS work 
- Simplify Private DNS preset patchsets
  based on updated CalyxOS patchset
  TODO: backport this

- Add DoH endpoints for all of the presets
  Disabled, very few hosts actually support DoH/3

Signed-off-by: Tad <tad@spotco.us>
 2023-05-31 19:02:10 -04:00
Tad
8a43be3c58
Churn 
Signed-off-by: Tad <tad@spotco.us>
 2023-05-30 15:17:29 -04:00
Tad
14c191ffb5
Churn 
Signed-off-by: Tad <tad@spotco.us>
 2023-05-04 21:19:33 -04:00
Tad
c544c28b94
Prevent Qualcomm location stack from reading chipset serial number 
The deblobber already removes xtra-daemon which is what actually performs the requests.
This is just extra sanctity.

Signed-off-by: Tad <tad@spotco.us>
 2023-05-03 21:41:20 -04:00
Tad
18f72663e8
Fix + churn 
Signed-off-by: Tad <tad@spotco.us>
 2023-04-25 02:03:40 -04:00
Tad
7263a6fd6e
Churn 
Signed-off-by: Tad <tad@spotco.us>
 2023-04-17 12:27:05 -04:00
Tad
2cc87c4dc7
Switch fingerprint locked to 5 attempts instead of 3 + churn 
Signed-off-by: Tad <tad@spotco.us>
 2023-04-12 15:26:26 -04:00
Tad
332c469151
Silence some log spam 
As repoted on FP3

Signed-off-by: Tad <tad@spotco.us>
 2023-03-28 23:40:31 -04:00
Tad
c4a23756a5 Churn 
Signed-off-by: Tad <tad@spotco.us>
 2023-03-25 20:44:13 -04:00
Tad
b522a16298
Churn 
Signed-off-by: Tad <tad@spotco.us>
 2023-03-22 07:21:15 -04:00
Tad
b4dbe27f23
Fixes 
- 18.1: Fix exempted background tasks when dozing (GrapheneOS)
- 20.0: pick a fix for some colors after qpr2
- 20.0: fix the missing notification backdrop

Signed-off-by: Tad <tad@spotco.us>
 2023-03-20 17:51:09 -04:00
Tad
9475615e77
A13 QPR2 Churn 
Signed-off-by: Tad <tad@spotco.us>
 2023-03-19 20:52:48 -04:00
Tad
7e3bbc174a
Churn 
Signed-off-by: Tad <tad@spotco.us>
 2023-03-06 22:57:45 -05:00
danielk43
11039a156d Update LOS20 hardened_malloc patches 2023-02-27 10:10:41 -05:00
Tad
2993b459f0
Fixes 
Signed-off-by: Tad <tad@spotco.us>
 2023-02-18 23:53:28 -05:00
Tad
b08bf0356f
Small additions + churn 
- 18.1+: Disable NTP fully when automatic time is off, credit GrapheneOS
- 20.0: Handle Tor-over-Orbot when killswitch enabled, credit CalyxOS, BROKEN

Signed-off-by: Tad <tad@spotco.us>
 2023-02-18 13:52:46 -05:00
Tad
9f82763c53
Churn 
Signed-off-by: Tad <tad@spotco.us>
 2023-02-17 23:57:04 -05:00
Tad
742a2fb7e2
Churn 
Signed-off-by: Tad <tad@spotco.us>
 2023-02-13 10:32:56 -05:00
Tad
49f5f1c674
19.1+: Add the SUPL toggle setting from GrapheneOS 
Will need some work to apply on 17.1/18.1

Signed-off-by: Tad <tad@spotco.us>
 2023-02-10 23:57:04 -05:00
Tad
ef51b5e5af
Updated strict package check patches from GrapheneOS 
Signed-off-by: Tad <tad@spotco.us>
 2023-02-03 17:57:15 -05:00
Tad
3231979ef4
Churn 
Signed-off-by: Tad <tad@spotco.us>
 2023-01-24 20:55:42 -05:00
Tad
fb7bf503b1
Pull in the special permissions reset bugfix from GrapheneOS 
Signed-off-by: Tad <tad@spotco.us>
 2023-01-24 19:20:00 -05:00
Tad
b1da856762
Cleanup 
Signed-off-by: Tad <tad@spotco.us>
 2023-01-24 19:14:26 -05:00
Tad
8abf9a0031
Finish e81cd558 
Signed-off-by: Tad <tad@spotco.us>
 2023-01-24 19:12:05 -05:00
Tad
e81cd5586d
Add even more captive portal servers + sorting 
TODO: apply to other branches

Signed-off-by: Tad <tad@spotco.us>
 2023-01-23 16:42:00 -05:00
Tad
a96d2221cd
Fix off-by one 
Signed-off-by: Tad <tad@spotco.us>
 2023-01-22 00:09:02 -05:00
Tad
9558a7d0e9 Switch to the Broadcom PSDS server for Pixel 6/7 series 
Instead of agnss.goog cache
Based off of a patch from GrapheneOS

Signed-off-by: Tad <tad@spotco.us>
 2023-01-21 04:08:26 -05:00
Tad
ad466bd3e4
Various changes 
- 17.1: Add more captive portal server options like 18.1+, disabled: needs fixes
- 17.1: Add the hosts toggle like 18.1+
- 18.1: fix junk in patch
- 17.1+: hosts toggle: bugfix: fixup localhost handling by switching to strcmp
- 15.1: fixes to get hmalloc to compile, does NOT boot

Signed-off-by: Tad <tad@spotco.us>
 2023-01-20 18:59:02 -05:00
Tad
84a9a1326c
18.1+: add multiple captive potal server options 
This also switches 18.1 from @MSe1969's patch to the GrapheneOS patch
Can maybe port to 17.1 too

Signed-off-by: Tad <tad@spotco.us>
 2023-01-20 00:21:30 -05:00
Tad
207bdd2406
Strict versionCode checks for system apps from GrapheneOS 
Signed-off-by: Tad <tad@spotco.us>
 2023-01-11 12:19:41 -05:00
Tad
7dbdcdf751 Tweak Aperture defaults 
Signed-off-by: Tad <tad@spotco.us>
 2023-01-08 21:20:36 -05:00
Tad
c92c084ca1
Churn 
Signed-off-by: Tad <tad@spotco.us>
 2023-01-08 20:49:57 -05:00
Tad
06254708be
Many fixes to get bluejay booting & working proper 
- Enable APEX for Pixel 6/7, necessary for camera and pKVM
  - Also drop hack removing pKVM for Pixel 6/7
  - patch from GrapheneOS

- Extend hmalloc workaround to /apex

- Deblobber:
  - actually handle wildcard f/w/b overlays
  - move some stuff around
  - remove some more Pixel blobs
  - flag and disable removal of camera extensions, being able to use the second camera is nice

- Adjust what hardenDefconfig disables, caused boot issues
  minimal impact as most of these are already default-disabled
  can be narrowed down in future

- Disable some of the bionic hardening patches, causing more boot issues
  annoying to lose, but having a phone that boots is more important

- Add LTE only mode to 17.1, 18.1, 19.1, and 20.0, credit GrapheneOS

- Remove Pixel 2 ramdisk compression reverts, fixed upstream

And yes, I know I should've split up this commit...

Signed-off-by: Tad <tad@spotco.us>
 2022-12-25 13:21:37 -05:00
Tad
751d1e8d72
Misc patches 
- 20.0: updated and enabled burnIn patch
- 19.1: fixup apps having data restrictions wrongly applied

Signed-off-by: Tad <tad@spotco.us>
 2022-12-23 10:09:37 -05:00
Tad
29c9826c11
20.0: QPR1 churn 
Signed-off-by: Tad <tad@spotco.us>
 2022-12-10 20:57:17 -05:00
Tad
b78f573eb9
Fixes 
Signed-off-by: Tad <tad@spotco.us>
 2022-12-10 20:30:22 -05:00
Tad
ce47fdae34
Small updates + Picks 
Signed-off-by: Tad <tad@spotco.us>
 2022-12-07 18:41:50 -05:00
Tad
3c8c235758
Ugly workaround 
For bug exposed after:
https://review.lineageos.org/c/LineageOS/android_frameworks_base/+/344890

Signed-off-by: Tad <tad@spotco.us>
 2022-12-03 23:58:36 -05:00
Tad
178e127338
Small tweaks + churn 
Fixes recovery not booting on 20.0

Signed-off-by: Tad <tad@spotco.us>
 2022-12-03 16:19:31 -05:00
Tad
680bf51e05
Ugly hack 
Signed-off-by: Tad <tad@spotco.us>
 2022-11-22 07:24:21 -05:00
Tad
fd0e3e8117
Update CVE patchers 
Signed-off-by: Tad <tad@spotco.us>
 2022-11-22 07:11:30 -05:00
Tad
7f24df22f7 Small updates 
Signed-off-by: Tad <tad@spotco.us>
 2022-11-21 06:09:29 -05:00
Tad
14f7f1db32
Updates + Churn 
Signed-off-by: Tad <tad@spotco.us>
 2022-11-13 02:06:05 -05:00
Tad
807a08210a
Tweaks 
- 20.0: pick fixes for the deny usb toggle
- 20.0: pull in a patch from GrapheneOS removing a package list leak

Signed-off-by: Tad <tad@spotco.us>
 2022-11-07 20:30:36 -05:00
Tad
b9f4074226 20.0: disable the broken monet toggle patch 
Has some weird inconsistencies

Signed-off-by: Tad <tad@spotco.us>
 2022-11-03 14:49:28 -04:00
Tad
aa4ffdb014
20.0: add taimen/walleye 
not stable yet, ims crashes invoking rescueparty

Signed-off-by: Tad <tad@spotco.us>
 2022-10-31 18:31:55 -04:00
Tad
11780d890f Churn 
Signed-off-by: Tad <tad@spotco.us>
 2022-10-24 22:53:41 -04:00
Tad
94d7ea9bb3
20.0: fixup exec spawning toggle and also default disable it like 42c9d22d 
Signed-off-by: Tad <tad@spotco.us>
 2022-10-22 18:04:44 -04:00
Tad
d2096c86d9
Fixup 
Signed-off-by: Tad <tad@spotco.us>
 2022-10-18 22:44:01 -04:00
Tad
0c4db149e1
20.0: Network & Sensors permission from GrapheneOS 
This revokes the permissions to all user installed apps on update.
Likely an expected quirk of being on 20.0 without the permission.
19.1 upgrades and new 20.0 installs should be fine.

TODO: update 19.1 with the SpecialRuntimePermAppUtils too

Signed-off-by: Tad <tad@spotco.us>
 2022-10-18 22:14:56 -04:00
Tad
91b908a78a
20.0: more fixes 
Signed-off-by: Tad <tad@spotco.us>
 2022-10-17 06:39:55 -04:00
Tad
e8248e4938
20.0: fixes + r11 churn 
Signed-off-by: Tad <tad@spotco.us>
 2022-10-16 17:18:06 -04:00
Tad
4524eb43d3
20.0: It boots! 
Signed-off-by: Tad <tad@spotco.us>
 2022-10-16 08:54:04 -04:00
Tad
5b114cacf8
20.0: More fixes 
It compiles, but fails to sign:
> TypeError: cannot use a string pattern on a bytes-like object

Signed-off-by: Tad <tad@spotco.us>
 2022-10-15 17:20:41 -04:00
Tad
5cada3a769
20.0: Fixes 
Signed-off-by: Tad <tad@spotco.us>
 2022-10-15 15:53:17 -04:00
Tad
055ed9bfad
20.0: Initial bringup 
Signed-off-by: Tad <tad@spotco.us>
 2022-10-15 10:39:48 -04:00